Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3jn5tohdiQ7HlrojeKLkhoeLGw4.roa
File: 3jn5tohdiQ7HlrojeKLkhoeLGw4.roa (raw, json)
Hash identifier: wn2KQ7OikiR8T/R/l6UsKcculAHYJb0DgbhPgYtlzwQ=
Subject key identifier: DE:39:F9:B6:88:5D:89:0E:C7:96:BA:23:78:A2:E4:86:87:8B:1B:0E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01865092A52F0B85273A6AE26987032C4990
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3jn5tohdiQ7HlrojeKLkhoeLGw4.roa
Signing time: Tue 14 Feb 2023 15:37:13 +0000
ROA not before: Tue 14 Feb 2023 15:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:50:92:a5:2f:0b:85:27:3a:6a:e2:69:87:03:2c:49:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 14 15:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de39f9b6885d890ec796ba2378a2e486878b1b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1a:d0:93:5c:3b:40:37:5d:d7:c8:2c:c1:ca:
6a:31:b1:af:d2:52:d2:86:a4:fe:e0:0c:7f:9b:b2:
84:19:e8:94:77:c8:e8:60:bd:1a:64:f0:36:59:0b:
c2:00:11:ec:4f:5b:1f:98:c7:e8:88:46:80:2a:50:
40:5a:5f:2d:08:10:57:61:1b:00:83:70:56:f9:65:
c6:0f:d9:8e:64:99:35:1a:64:d6:82:01:6e:b3:8b:
ef:ee:14:35:f1:b1:da:d0:39:5c:ac:d6:d1:48:58:
a7:95:1d:26:09:d8:e9:99:48:8f:61:de:79:ec:87:
98:70:a7:71:de:72:d8:1f:f0:26:7b:1a:c0:af:69:
27:56:55:6c:70:83:bf:1b:48:2d:87:22:ac:ba:c5:
c6:aa:cb:62:3c:4b:36:4a:5f:81:4f:1c:9b:a6:b3:
26:f5:ff:cd:d9:f2:e4:a6:35:24:7e:87:92:02:11:
43:55:1e:73:c0:6f:cf:56:f1:f0:3e:26:6d:52:c9:
83:50:f3:ee:2e:81:92:1b:8c:7f:2e:d8:bd:3e:99:
e9:5f:53:dc:be:6c:1b:91:b4:db:d0:c4:9f:4d:f4:
10:3e:5b:43:7d:52:94:51:ff:0c:3e:3d:36:0a:63:
9a:a8:0a:e2:aa:d9:fd:ff:b1:32:db:64:54:e5:a2:
30:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:39:F9:B6:88:5D:89:0E:C7:96:BA:23:78:A2:E4:86:87:8B:1B:0E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3jn5tohdiQ7HlrojeKLkhoeLGw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/24
84.32.57.0/24
84.32.176.0/24
84.32.214.0/23
84.32.248.0/24
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:e2:5b:df:ad:d6:70:7b:e1:56:e1:42:52:2b:e2:6d:a2:c7:
4b:3f:5d:5e:b6:9b:c4:5d:38:5a:5a:d4:71:85:37:bf:cc:46:
55:44:69:78:6a:7f:07:66:05:3a:bc:3d:c4:a1:8c:9f:11:74:
d4:3f:95:ab:02:8e:33:66:c0:a3:a4:92:ea:8d:51:87:f8:3b:
ae:f2:bf:33:b2:8f:1a:97:a9:87:77:ad:fa:da:fe:1a:8b:a5:
e3:9b:4d:9e:5e:a7:f7:72:3c:6f:a0:b1:87:38:4b:1a:4c:0e:
bf:4b:f0:78:8c:57:25:5d:cf:2b:9e:91:32:b5:fc:88:69:56:
1e:6c:54:ff:7e:6f:e6:55:50:de:9e:83:25:76:25:81:86:45:
a1:f1:e3:df:ce:96:1b:6c:c7:a6:89:82:9c:90:d4:a2:aa:54:
98:bf:0c:0f:3d:42:bb:7e:85:9f:21:86:fa:22:cb:e8:b8:18:
f3:9b:1d:e6:10:ee:a3:58:29:23:c5:06:f6:ce:5a:f2:c7:2a:
7f:38:33:77:3e:8a:2f:69:7e:d4:03:34:c4:11:10:b2:25:46:
73:25:5b:53:1e:f3:97:51:39:3a:95:60:ab:b3:dd:f3:97:b1:
b9:39:d8:8e:ce:3e:68:61:79:8d:8a:9d:d3:e1:28:95:53:cb:
91:d5:4c:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZQkqUvC4UnOmriaYcDLEmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMjE0MTUzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTM5ZjliNjg4NWQ4OTBlYzc5NmJhMjM3OGEyZTQ4Njg3OGIxYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxrQk1w7QDdd18gswcpqMbGv0lLS
hqT+4Ax/m7KEGeiUd8joYL0aZPA2WQvCABHsT1sfmMfoiEaAKlBAWl8tCBBXYRsA
g3BW+WXGD9mOZJk1GmTWggFus4vv7hQ18bHa0DlcrNbRSFinlR0mCdjpmUiPYd55
7IeYcKdx3nLYH/AmexrAr2knVlVscIO/G0gthyKsusXGqstiPEs2Sl+BTxybprMm
9f/N2fLkpjUkfoeSAhFDVR5zwG/PVvHwPiZtUsmDUPPuLoGSG4x/Lti9PpnpX1Pc
vmwbkbTb0MSfTfQQPltDfVKUUf8MPj02CmOaqAriqtn9/7Ey22RU5aIw/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN45+baIXYkOx5a6I3ii5IaHixsOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM2puNXRvaGRpUTdIbHJvamVLTGtob2VMR3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAYAwQA
VCA5AwQAVCCwAwQBVCDWAwQAVCD4AwQCWNjsMA0GCSqGSIb3DQEBCwUAA4IBAQB7
4lvfrdZwe+FW4UJSK+JtosdLP11etpvEXThaWtRxhTe/zEZVRGl4an8HZgU6vD3E
oYyfEXTUP5WrAo4zZsCjpJLqjVGH+Duu8r8zso8al6mHd6362v4ai6Xjm02eXqf3
cjxvoLGHOEsaTA6/S/B4jFclXc8rnpEytfyIaVYebFT/fm/mVVDenoMldiWBhkWh
8ePfzpYbbMemiYKckNSiqlSYvwwPPUK7foWfIYb6IsvouBjzmx3mEO6jWCkjxQb2
zlryxyp/ODN3PoovaX7UAzTEERCyJUZzJVtTHvOXUTk6lWCrs93zl7G5OdiOzj5o
YXmNip3T4SiVU8uR1Uwf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org